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- The MAILING DA TE of this communication appears on the cover sheet with the correspondence address - 
Period for Reply 



A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) FROM 
THE MAILING DATE OF THIS COMMUNICATION. 

- Extensions of time may be available under the provisions of 37 CFR 1 136(a). In no event, however, may a reply be timely filed 
after SIX (6) MONTHS from the mailing date of this communication. 

- If the period for reply specified above is less than thirty (30) days, a reply within the statutory minimum of thirty (30) days will be considered timely. 

- If NO period for reply is specified above, the maximum statutory period will apply and will expire SIX (6) MONTHS from the mailing date of this communication. 

- Failure to reply within the set or extended period for reply will, by statute, cause the application to become ABANDONED (35 U.S.C. § 133). 
Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce any 
earned patent term adjustment. See 37 CFR 1.704(b). 

Status 

1 )^ Responsive to communication(s) filed on 29 June 2001 . 
2a)\Z\ This action is FINAL. 2b)[X] This action is non-final. 

3) D Since this application is in condition for allowance except for formal matters, prosecution as to the merits is 

closed in accordance with the practice under Ex parte Quayle, 1935 CD. 1 1 , 453 O.G. 213. 

Disposition of Claims 

4) E3 Claim(s) 1-3,5,7-9,12-17 and 19-29 is/are pending in the application. 

4a) Of the above claim(s) is/are withdrawn from consideration. 

5) D Claim(s) is/are allowed. 

6) Kl Claim(s) 1-3,5,7-9,12-17 and 19-29 is/are rejected. 

7) D Claim(s) is/are objected to. 

8) D Claim(s) are subject to restriction and/or election requirement. 

Application Papers 

9) ^ The specification is objected to by the Examiner. 

10)[X] The drawing(s) filed on 29 June 2001 is/are: a)D accepted or b)S objected to by the Examiner. 

Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1 .85(a). 

Replacement drawing sheet(s) including the correction is required if the drawing(s) is objected to. See 37 CFR 1.121(d). 
11 )□ The oath or declaration is objected to by the Examiner. Note the attached Office Action or form PTO-152. 

Priority under 35 U.S.C. § 119 

12)D Acknowledgment is made of a claim for foreign priority under 35 U.S.C. § 1 19(a)-(d) or (f). 
a)D All b)D Some * c)D None of: 

1 0 Certified copies of the priority documents have been received. 

20 Certified copies of the priority documents have been received in Application No. . 

30 Copies of the certified copies of the priority documents have been received in this National Stage 
application from the International Bureau (PCT Rule 17.2(a)). 
* See the attached detailed Office action for a list of the certified copies not received. 
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DETAILED ACTION 

1. Claim 1-3, 5, 7-9, 12-17, and 19-29 are presented for examination. 

Specification 

2. The drawings are objected to because the office is no longer accepting hand drawings. 
Corrected drawing sheets in compliance with 37 CFR 1.121(d) are required in reply to the Office 
action to avoid abandonment of the application. Any amended replacement drawing sheet should 
include all of the figures appearing on the immediate prior version of the sheet, even if only one 
figure is being amended. The figure or figure number of an amended drawing should not be 
labeled as "amended." If a drawing figure is to be canceled, the appropriate figure must be 
removed from the replacement sheet, and where necessary, the remaining figures must be 
renumbered and appropriate changes made to the brief description of the several views of the 
drawings for consistency. Additional replacement sheets may be necessary to show the 
renumbering of the remaining figures. The replacement sheet(s) should be labeled "Replacement 
Sheet" in the page header (as per 37 CFR 1.84(c)) so as not to obstruct any portion of the 
drawing figures. If the changes are not accepted by the examiner, the applicant will be notified 
and informed of any required corrective action in the next Office action. The objection to the 
drawings will not be held in abeyance. 

3. The drawings are objected to under 37 CFR 1 .83(a) because they fail to show S9, S10, 
SI 1 on page 16 as described in the specification. Any structural detail that is essential for a 
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proper understanding of the disclosed invention should be shown in the drawing. MPEP § 
608.02(d). Corrected drawing sheets in compliance with 37 CFR 1.121(d) are required in reply to 
the Office action to avoid abandonment of the application. Any amended replacement drawing 
sheet should include all of the figures appearing on the immediate prior version of the sheet, 
even if only one figure is being amended. The figure or figure number of an amended drawing 
should not be labeled as "amended." If a drawing figure is to be canceled, the appropriate figure 
must be removed from the replacement sheet, and where necessary, the remaining figures must 
be renumbered and appropriate changes made to the brief description of the several views of the 
drawings for consistency. Additional replacement sheets may be necessary to show the 
renumbering of the remaining figures. The replacement sheet(s) should be labeled "Replacement 
Sheet" in the page header (as per 37 CFR 1.84(c)) so as not to obstruct any portion of the 
drawing figures. If the changes are not accepted by the examiner, the applicant will be notified 
and informed of any required corrective action in the next Office action. The objection to the 
drawings will not be held in abeyance. 

Claim Rejections - 35 USC § 102 
4. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the 
basis for the rejections under this section made in this Office action: 
A person shall be entitled to a patent unless - 

(e) the invention was described in (1) an application for patent, published under section 122(b), by another filed 
in the United States before the invention by the applicant for patent or (2) a patent granted on an application for 
patent by another filed in the United States before the invention by the applicant for patent, except that an 
international application filed under the treaty defined in section 351(a) shall have the effects for purposes of this 
subsection of an application filed in the United States only if the international application designated the United 
States and was published under Article 21(2) of such treaty in the English language. 
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5. Claims 1-3, 5, 7-9, 12-17, and 19 are rejected under 35 U.S.C. 102(e) as being anticipated 
by Baird, III et al. (Baird, Patent No.: US 6,732,278 B2). 

3.1 As per claim 1, Baird teaches a method of protecting an asset of an information and/or 
physical type, comprising the step of: 

providing processor-based physical asset protection (Baird Col. 16 lines 39-65; 
processor-based smart card is provided to protect data and for access control), providing 
processor-based information asset protection (Baird Col. 12 lines 15-col. 13 lines 5; password is 
used to access the site and data is encrypted to protect asset), and integrating said processor- 
based physical asset protection and said processor-based information asset protection in a hosted 
environment (Col. 16 lines 61 -col. 17 lines 67, and Abstract; process-based smart card and 
information asset protection is integrated by authenticating user's password and biometric data 
stored in the smart card.). 

3.2 As per claim 12, Baird teaches a system for protecting an asset, comprising: 

a physical asset protection module that provides physical protection for said asset (Baird 
Col. 5 lines 33-42); 

an information asset protection module that provides information security protection for 
said asset (Baird Col. 2 lines 43-67); and 

an integrator that performs an integration of said physical asset protection module and said 
information asset protection module, wherein said system is one of in a hosted environment and 
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at said asset (Baird Col. 6 lines 35-col. 7 lines 11). 

3.3 As per claim 2, Baird teaches the method, said integrating step comprising providing, 
maintaining and operating a software application that integrates said physical asset protection 
(Baird Col. 5 lines 33-42) and said information asset protection in said hosted environment in 
accordance with user instructions (Baird Abstract). 

3.4 As per claim 3, Baird teaches the method, further comprising the steps of: 
registering a user by storing user information (Baird Col. 7 lines 19-33); 
authenticating a user by comparing at least one user characteristic from said user 

information with a third-party database (Baird Col. 7 lines 63-col. 8 lines 21); 

comparing a current asset use pattern with a historical asset use pattern for said user to 
detect anomalous usage (Baird Col. 12 lines 10-28); 

updating said historical use pattern on the basis of said current use pattern (Baird Col. 8 
lines 1-21); 

taking a corrective action, wherein a first corrective action is taken if said authenticating 
step generates a non-authenticated user output and a second corrective action is taken if 
anomalous usage is detected during said comparing step (Baird Fig. 7 No. 604, 606; if invalid 
input entered the corrective action is taken back to requesting a user to enter password and 
biometric data again); and 

wherein said authenticating and comparing steps provide physical asset protection and 
information asset protection and are performed in said hosted environment (Baird Abstract). 
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3.5 As per claim 5, Baird teaches the method, further comprising the steps of: 
registering a visitor by providing initial visitor information (Baird Col. 7 lines 19-33); 
comparing said initial visitor information with a third-party database to determine if said 

registered visitor is entitled to access to said asset (Baird Col. 7 lines 63-col. 8 lines 21); and 
receiving said registered visitor in an authentication area (Baird Col 8 lines 22-32); 
checking a match of said registered visitor with a physical entity (Baird Col. 14 lines 36- 

44, col. 17 lines 59-col. 18 lines 4); 

regulating entry on the basis of said checking and comparing steps, wherein said 

registered visitor is denied access if said registered visitor does not match said physical entity, or 

said comparing step indicates that said visitor does not have access to said asset (Baird Col. 17 

lines 1-27); and 

wherein at least one of said comparing step, said receiving step and said checking step 
provide physical asset protection and information asset protection (Baird Abstract). 

3.6 As per claim 7, Baird teaches the method, wherein one of said receiving step and said 
comparing step comprises applying biometrics to control access for said user (Baird Col. 8 lines 
1-21). 



3.7 As per claim 8, Baird teaches the method, wherein said biometrics comprises one of 
scanning and testing a target tissue of said visitor's body (Baird Col. 17 lines 28-31). 
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3.8 As per claim 9, Baird teaches the method, wherein said physical asset protection 
comprises securing ingress and egress areas for a location protected by a physical barrier (Baird 
Col. 2 lines 1-17; biometric smart card is used to gain access to gain access to protected data). 

3.9 As per claim 13 5 Baird teaches the asset protection system, further comprising a user 
tracking system that authenticates a user as a registered user and provides physical access and 
information access to said asset in accordance with historical use patterns of said user for said 
asset, wherein said user tracking system updates said historical use patterns in accordance with a 
current use pattern of said user (Baird Col. 19 lines 36-50, Fig. 7 No. 604, and 606). 

3.10 As per claim 14, Baird teaches the asset protection system, said historical use patterns 
comprising at least one of frequency, type and time duration (Baird Col. 19 lines 36-50). 

3.11 As per claim 15, Baird teaches the asset protection system, further comprising a visitor 
tracking system that authenticates a registered visitor that has not been barred from accessing 
said asset, and allows access in accordance with reception authentication process (Baird Col. 19 
lines 36-50). 

3. 12 As per claim 16, Baird teaches the asset protection system, further comprising a 
biometrics authentication subsystem that uses physical data of said visitor to allow said access 
(Baird Col. 8 lines 1-21). 



Application/Control Number: 09/893,501 Page 8 

Art Unit: 2136 

3.13 As per claim 17, Baird teaches the asset protection system, wherein said physical data 
comprises a test data portion of said visitor's body (Baird Col. 17 lines 28-31). 

3.14 As per claim 19, Baird teaches the asset protection system, wherein said integration is 
performed in response to an instruction to develop, maintain and operate a computer application 
to protect said asset (Baird Abstract). 

Claim Rejections - 35 USC §103 

6. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in 
section 102 of this title, if the differences between the subject matter sought to be patented and the prior art are 
such that the subject matter as a whole would have been obvious at the time the invention was made to a person 
having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negatived by the 
manner in which the invention was made. 

7. Claims 20-29 are rejected under 35 U.S.C. 103(a) as being unpatentable over Baird, III et 
al. (Baird, Patent No.: US 6,732,278 B2) in view of Boate et al. (Boate Pub. No.: US 
2002/0104006 Al). 

5.1 As per claim 20, Baird teaches a method of providing asset security protection, 
comprising: 

hosted environment indicative of asset access, wherein protection of physical and 
information characteristics of said asset is integrated in said hosted environment (Baird Abstract; 
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access to the device is granted after authentication process during which a user password and 
biometric are provided to the device), 

Baird does not explicitly teach transmitting and receiving a first and second signals 
respectively to a hosted environment, said first signal comprising user registration 
characteristics, 

However Boate et al. teaches transmitting and receiving a signal to a host environment 
(Boate Fig. 4a) and new user registration (Boate Page 5 par. 0036) 

Therefore it would have been obvious to one having ordinary skill in the art at the time 
the invention was made to employ the teachings of Boate with in the system of Baird because it 
would allow a secure authentication of an individual and access control to components of the 
computer network (Boate Page 1 par. 0001) by transmitting signals to the hosted environment 
and receiving signals from the hosted environment. 

5.2 As per claim 21, Baird and Boate teach all the subject matter as described above. In 
addition Boate teaches the method, wherein said transmitting step comprises: 

providing user registration information to said hosted environment (Boate Page 5 par. 
0036); and 

processing at said hosted environment said user information to generate said second 
signal (Boate Page 5 par. 0036) The rational for combining are the same as claim 20 above. 
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5.3 As per claim 22, Baird and Boate teach all the subject matter as described above. In 
addition Boate teaches wherein said receiving step comprises receiving an access decision from 
said hosted environment, said decision being in accordance with biometrics of a user (Boate 
Page 4 par. 0032) The rational for combining are the same as claim 20 above. 

5.4 As per claim 23, Baird and Boate teach all the subject matter as described above. In 
addition Boate teaches further comprising comparing said user information to a third-party 
database to generate an authentication output as said second signal (Boate Page 6 par. 0045) The 
rational for combining are the same as claim 20 above. 

5.5 As per claim 24, Baird and Boate teach all the subject matter as described above. In 
addition Boate teaches further comprising the steps of: 

entering credentials of a user into an access database in said hosted environment to enroll 
said user (Boate Page 5 par. 0036); and 

outputting an identification object in accordance with said credentials, wherein 
unauthorized access is denied by said hosted environment (Boate Page 4 par. 0034, Fig. 4B; 
access refusal message) Therefore it would have been obvious to one havening ordinary skill in 
the art at the time of the invention to combine the teachings of Boate with in the system of Baird 
because it would register users information to enroll and would also inform users by their 
identification when the access is denied or accepted. 
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5.6 As per claim 25, Baird and Boate teach all the subject matter as described above. In 
addition Boate teaches said entering step comprising the steps of: 

providing an authorized operator with permission to at least one of alter and append said 
access database (Boate Page 4 par. 0034); 

obtaining a biometric from said user and searching for said biometric in said access 
database to generate a search result, wherein said biometric and credential data is added to said 
access database if said search result indicates an absence of said biometric (Boate Page 5 par. 
0036), and if said search result indicates a presence of said biometric in said access database, one 
of verifying said credential data if said user is authentic and denying access to said user if said 
user is not authentic, in accordance with said biometric (Boate Page 5 par. 0039, page 6 par. 
0045); 

denying access to said user if said user appears in a barred user database (Boate Fig. 4C; 
message indicating refusal to logon); 

determining if a photo of said user is in said hosted environment, wherein a digital image 
is imported to generate said photo if said photo is not present in said hosted environment (Boate 
Page 4 par. 0032); 

verifying that said photo represents said new user (Boate Page 5 par. 0036, page 6 par. 

0045); 

providing additional user information and user access privileges to said hosted 
environment (Boate Page 5 par. 0036); and 

generating said identification object having a predetermined layout, said identification 
object comprising an encrypted three-dimensional barcode in accordance with said biometric and 
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said credential data (Boate Page 5 par. 0036; user is handed a personal identification device that 
has biometric data, public key and private key) The rational for combining are the same as claim 
20 above. 

5.7 As per claim 26, Baird and Boate teach all the subject matter as described above. In 
addition Boate teaches said outputting step comprising the steps of: receiving said identification 
object from said hosted environment and producing a copy of said identification object; said user 
verifying integrity of said biometric, said photo and said credentials; and distributing said 
identification object to said user (Boate Page 5 par. 0036) The rational for combining are the 
same as claim 24 above. 

5.8 As per claim 27, Baird and Boate teach all the subject matter as described above. In 
addition Boate teaches, wherein said identification object is produced by printing an 
identification badge (Boate Page.5 par. 0036; personal digital identification device reads on 
identification badge) Therefore it would have been obvious to one havening ordinary skill in the 
art at the time of the invention to combine the teachings of Boate with in the system of Baird 
because it would authenticate and integrate a users identity by password and biometric data. 

5.9 As per claim 28, Baird and Boate teach all the subject matter as described above. In 
addition Boate teaches wherein said biometric comprises a scan of a biological target tissue 
(Boate Page 6 par. 0045) The rational for combining are the same as claim 27 above. 
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5.10 As per claim 29, Baird and Boate teach all the subject matter as described above. In 
addition Boate teaches, wherein said target tissue comprises at least one of finger, hand and eye 
parameter (Boate Page 6 par. 45) The rational for combining are the same as claim 27 above. 

8, Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Eleni A Shiferaw whose telephone number is 703-305-0326. The 
examiner can normally be reached on Mon-Fri 8:00am-5:00pm. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Ayaz R Sheikh can be reached on 703-305-9648. The fax phone number for the 
organization where this application or proceeding is assigned is 703-872-9306. 

Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). 



Eleni Shiferaw 
Art Unit 2136 



AYAZ S ; -:SKH 
SUPERVISE* - cy -*Vi!NER 
TECHNOLOGY 0L\'TZR 4100 



